I tried superanti-spyware and it ran 1 time and found "trojan dropper/sys-nv" and "trojan agent/ gen-small dropper"...I followed the instructions and tried to quarantine these items, but when I restarted my computer, it came back up with "RUNDLL error loading tapi.nfo"...then the superanti-spyware will not work anymore...my internet works fine other than the google redirect. Please help!!
Hijack would freeze during scan, so i have provided a gmer log
GMER 1.0.15.15077 [9537l9ty.exe] - http://www.gmer.net
Rootkit scan 2009-09-04 17:35:53
Windows 5.1.2600 Service Pack 3
---- System - GMER 1.0.15 ----
SSDT \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwOpenProcess [0xEEEA9BCE]
SSDT \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwOpenThread [0xEEEA9CBC]
SSDT \??\C:\Program Files\BitDefender\BitDefender 2009\bdselfpr.sys (BitDefender Self Protection Driver/BitDefender S.R.L.) ZwTerminateProcess [0xEEEA9B32]
SSDT \??\C:\windows\system32\Drivers\uphcleanhlp.sys ZwUnloadKey [0xEEFF76D0]
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Tcp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\Udp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
AttachedDevice \Driver\Tcpip \Device\RawIp bdftdif.sys (BitDefender Firewall TDI Filter Driver/BitDefender LLC)
---- Processes - GMER 1.0.15 ----
Library \\?\globalroot\Device\__max++>\F26D7496.x86.dll (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jqs.exe [328] 0x35670000
Library \\?\globalroot\Device\__max++>\F26D7496.x86.dll (*** hidden *** ) @ C:\windows\system32\winlogon.exe [664] 0x35670000
Library \\?\globalroot\Device\__max++>\F26D7496.x86.dll (*** hidden *** ) @ C:\windows\system32\svchost.exe [936] 0x35670000
Library \\?\globalroot\Device\__max++>\F26D7496.x86.dll (*** hidden *** ) @ C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe [1092] 0x35670000
Library \\?\globalroot\Device\__max++>\F26D7496.x86.dll (*** hidden *** ) @ C:\windows\System32\svchost.exe [1104] 0x35670000
---- Registry - GMER 1.0.15 ----
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL@Installed 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL@
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI@NoChange 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI@Installed 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI@
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS@Installed 1
Reg HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS@
Reg HKLM\SOFTWARE\Classes\Installer\Features\5F5A11986A6013941B391EBFE0AC3F27
Reg HKLM\SOFTWARE\Classes\Installer\Features\5F5A11986A6013941B391EBFE0AC3F27@DefaultFeature
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27@ProductName Exterminate3
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27@PackageCode 92348208B3C0AAC4AA9A30A4FAA54D27
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27@Language 1033
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27@Version 16777216
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27@Assignment 1
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27@AdvertiseFlags 388
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27@InstanceType 0
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27@AuthorizedLUAApp 0
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27@DeploymentFlags 3
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27@Clients :?
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27\SourceList
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27\SourceList@PackageName Exterminate3.msi
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27\SourceList@LastUsedSource n;1;C:\Program Files\PCPitstop\PC Matic\uninstall\
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27\SourceList\Media
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27\SourceList\Media@1 ;
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27\SourceList\Net
Reg HKLM\SOFTWARE\Classes\Installer\Products\5F5A11986A6013941B391EBFE0AC3F27\SourceList\Net@1 C:\Program Files\PCPitstop\PC Matic\uninstall\
Reg HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7E29B30FF20A7574E8E33A18BE6E8512
Reg HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7E29B30FF20A7574E8E33A18BE6E8512@5F5A11986A6013941B391EBFE0AC3F27
Reg HKLM\SOFTWARE\Classes\Installer\Win32Assemblies\Global@Microsoft.MSXML2,publicKeyToken="6bd6b9abf345378f",version="4.20.9818.0",type="win32",processorArchitecture="x86" _[X'TOMST?Ki,zyhLGyL>2INR3`I9&?giP6x,s{bo?grjNLln*a9jep!hbk@K`MSXMLSXS>2INR3`I9&?giP6x,s{bo?
Reg HKLM\SOFTWARE\Classes\Installer\Win32Assemblies\Global@Microsoft.MSXML2R,publicKeyToken="6bd6b9abf345378f",version="4.1.0.0",type="win32",processorArchitecture="x86" _[X'TOMST?Ki,zyhLGyL>ITzaC}zyQ@Zq3QlMCb0e?grjNLln*a9jep!hbk@K`MSXMLSXS>ITzaC}zyQ@Zq3QlMCb0e?
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5B05A292-AA87-F669-5534-5CB10F6F4AA6}
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5B05A292-AA87-F669-5534-5CB10F6F4AA6}@abgfehiohobbopmaboidapfidgofnmfnbj 0x65 0x62 0x67 0x66 ...
Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{5B05A292-AA87-F669-5534-5CB10F6F4AA6}@bbgfehiohobbopmabohdlaffeeinmdfiipib 0x61 0x62 0x64 0x64 ...
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 05: copy of MBR
---- EOF - GMER 1.0.15 ----